Starting from around 2012 the use of ransomware scams has grown internationally. Cryptoviral extortion is the following three-round protocol carried out between the attacker and the victim.
The attacker generates a key pair and places the corresponding public key in the malware. To carry out the cryptoviral extortion attack, the malware generates a random symmetric key and encrypts the victim’s data with it. It uses the public key in the malware to encrypt the symmetric key. It zeroizes the symmetric key and the original plaintext data to prevent recovery. It puts up a message to the user that includes the asymmetric ciphertext and how to pay the ransom.
The victim sends the asymmetric ciphertext and e-money to the attacker. The attacker receives the payment, deciphers the asymmetric ciphertext with the attacker’s private key, and sends the symmetric key to the victim. The victim deciphers the encrypted data with the needed symmetric key, thereby completing the cryptovirology attack. The symmetric key is randomly generated and will not assist other victims.
Payment is virtually always the goal, and the victim is coerced into paying for the ransomware to be removed—which may or may not actually occur—either by supplying a program that can decrypt the files, or by sending an unlock code that undoes the payload’s changes.